Age | Commit message (Collapse) | Author |
|
When any of these flags are set, all writes will trigger a subsequent fsync
call. This behavior already existed for "write-through" mounts.
O_DIRECT is treated as an alias for O_SYNC. Better support coming soon.
PiperOrigin-RevId: 275114392
|
|
These syscalls were changed in the amd64 file around the time the arm64 PR was
sent out, so their changes got lost.
Updates #63
PiperOrigin-RevId: 275114194
|
|
PiperOrigin-RevId: 275114157
|
|
These aren't actually death tests in the GUnit sense. i.e., they don't call
EXPECT_EXIT or EXPECT_DEATH.
PiperOrigin-RevId: 275099957
|
|
- Pass context.Context to OnClose().
- Pass memmap.MMapOpts to ConfigureMMap() by pointer so that implementations
can actually mutate it as required.
PiperOrigin-RevId: 274934967
|
|
Reassembly can fail due to an invalid sequence of fragments
being received. eg. Multiple fragments with same id which
claim to be the last one by setting the more flag to 0 etc.
It's safer to just drop the reassembler and increment a metric
than to panic when reassembly fails.
PiperOrigin-RevId: 274920901
|
|
...and do not populate link address cache at dispatch. This partially
reverts 313c767b0001bf6271405f1b765b60a334d6e911, which caused malformed
packets (e.g. NDP Neighbor Adverts with incorrect hop limit values) to
populate the address cache. In particular, this masked a bug that was
introduced to the Neighbor Advert generation code in
7c1587e3401a010d1865df61dbaf117c77dd062e.
PiperOrigin-RevId: 274865182
|
|
fsgofer.attachPoint.Attach has a bunch of funky special logic to create a RW
file or connect a socket rather than creating a standard control file like
localFile.Walk.
This is unecessary and error-prone, as the attach point still has to go through
Open or Connect which will properly convert the control file to something
usable. As such, switch the logic to be equivalent to a simple Walk.
Updates #235
PiperOrigin-RevId: 274827872
|
|
PiperOrigin-RevId: 274700093
|
|
PiperOrigin-RevId: 274675428
|
|
PiperOrigin-RevId: 274673485
|
|
PiperOrigin-RevId: 274672346
|
|
PiperOrigin-RevId: 274638272
|
|
|
|
This allows for peeking at the length of the next message on a netlink socket
without pulling it off the socket's buffer/queue, allowing tools like 'ip' to
work.
This CL also fixes an issue where dump_done_errno was not included in the
NLMSG_DONE messages payload.
Issue #769
PiperOrigin-RevId: 274068637
|
|
Strengthen the header.IPv4.IsValid check to correctly check
for IHL/TotalLength fields. Also add a check to make sure
fragmentOffsets + size of the fragment do not cause a wrap
around for the end of the fragment.
PiperOrigin-RevId: 274049313
|
|
PiperOrigin-RevId: 274042343
|
|
|
|
rt_sigreturn is required for signal handling (e.g., SIGSEGV for nil-pointer
dereference). Before this, nil-pointer dereferences cause a syscall violation
instead of a panic.
PiperOrigin-RevId: 274028767
|
|
The signalfd descriptors otherwise always show as available. This can lead
programs to spin, assuming they are looking to see what signals are pending.
Updates #139
PiperOrigin-RevId: 274017890
|
|
PiperOrigin-RevId: 274011064
|
|
PiperOrigin-RevId: 273861936
|
|
PiperOrigin-RevId: 273781641
|
|
PiperOrigin-RevId: 273781112
|
|
PiperOrigin-RevId: 273668431
|
|
Signed-off-by: Haibo Xu <haibo.xu@arm.com>
Change-Id: I1646aaa6f07b5ec31c39c318b70f48693fe59a7c
|
|
PiperOrigin-RevId: 273630282
|
|
Options that do not change mount behavior inside the Sentry are
irrelevant and should not be used when looking for possible
incompatibilities between master and slave mounts.
PiperOrigin-RevId: 273593486
|
|
PiperOrigin-RevId: 273586605
|
|
Also change the default TTL to 64 to match Linux.
PiperOrigin-RevId: 273430341
|
|
PiperOrigin-RevId: 273421634
|
|
Adds two tests. One to make sure that $HOME is set when starting a container
via 'docker run' and one to make sure that $HOME is set for each container in a
multi-container sandbox.
Issue #701
PiperOrigin-RevId: 273395763
|
|
PiperOrigin-RevId: 273365058
|
|
PiperOrigin-RevId: 273364848
|
|
Adds minimal security policy info to SECURITY.md. This allows Github to
advertise the security policy doc for the repo.
See: https://github.blog/changelog/2019-05-23-security-policy/
See: https://help.github.com/en/articles/adding-a-security-policy-to-your-repository
PiperOrigin-RevId: 273214306
|
|
PiperOrigin-RevId: 272987037
|
|
Also ensure that all flipcall transport errors not returned by p9 (converted to
EIO by the client, or dropped on the floor by channel server goroutines) are
logged.
PiperOrigin-RevId: 272963663
|
|
In Linux (include/linux/types.h), mode_t is an unsigned short.
PiperOrigin-RevId: 272956350
|
|
The behavior for sending and receiving local broadcast (255.255.255.255)
traffic is as follows:
Outgoing
--------
* A broadcast packet sent on a socket that is bound to an interface goes out
that interface
* A broadcast packet sent on an unbound socket follows the route table to
select the outgoing interface
+ if an explicit route entry exists for 255.255.255.255/32, use that one
+ else use the default route
* Broadcast packets are looped back and delivered following the rules for
incoming packets (see next). This is the same behavior as for multicast
packets, except that it cannot be disabled via sockopt.
Incoming
--------
* Sockets wishing to receive broadcast packets must bind to either INADDR_ANY
(0.0.0.0) or INADDR_BROADCAST (255.255.255.255). No other socket receives
broadcast packets.
* Broadcast packets are multiplexed to all sockets matching it. This is the
same behavior as for multicast packets.
* A socket can bind to 255.255.255.255:<port> and then receive its own
broadcast packets sent to 255.255.255.255:<port>
In addition, this change implicitly fixes an issue with multicast reception. If
two sockets want to receive a given multicast stream and one is bound to ANY
while the other is bound to the multicast address, only one of them will
receive the traffic.
PiperOrigin-RevId: 272792377
|
|
PiperOrigin-RevId: 272760964
|
|
The input file descriptor is always a regular file, so sendfile can't lose any
data if it will not be able to write them to the output file descriptor.
Reported-by: syzbot+22d22330a35fa1c02155@syzkaller.appspotmail.com
PiperOrigin-RevId: 272730357
|
|
https://github.com/google/gvisor/commit/dd69b49ed1103bab82a6b2ac95221b89b46f3376
makes this test take longer.
PiperOrigin-RevId: 272535892
|
|
PiperOrigin-RevId: 272522508
|
|
Spoiler alert: it doesn't.
PiperOrigin-RevId: 272513529
|
|
Right now, we can find more than one process with the 1 PID in /proc.
$ for i in `seq 10`; do
> unshare -fp sleep 1000 &
> done
$ ls /proc
1 1 1 1 12 18 24 29 6 loadavg net sys version
1 1 1 1 16 20 26 32 cpuinfo meminfo self thread-self
1 1 1 1 17 21 28 36 filesystems mounts stat uptime
PiperOrigin-RevId: 272506593
|
|
|
|
PiperOrigin-RevId: 272324038
|
|
b/135475885 was fixed by cl/271434565.
PiperOrigin-RevId: 272320178
|
|
gVisor does not currently implement the functionality that would result in
AT_SECURE = 1, but Linux includes AT_SECURE = 0 in the normal case, so we
should do the same.
PiperOrigin-RevId: 272311488
|
|
PiperOrigin-RevId: 272286122
|